Adv-Cyber Incident Response
POSITION OVERVIEW: Responsible for working with leadership to create and maintain incident response playbooks, provide recommendations during the security architecture review process for new applications, and work with security engineering teams to ensure full coverage of security tools and response capabilities. ESSENTIAL JOB DUTIES/RESPONSIBILITIES: 1. Respond to information security incidents that are escalated to the Incident Response team for Teir 3 and Teir 4. 2. Responsible for all phases of incident response for assigned incidents. 3. Ensure timely containment, recovery, and communication with key stakeholders while keeping business units informed throughout the incident lifecycle. 4. Advise on the development, implementation, and operation of incident response systems and processes to ensure effective threat detection, containment, and remediation. 5. Conduct post-incident technical investigations to understand root-cause analysis. 6. Facilitate workshops, presentations, and stakeholder discussions to drive shared understanding. 7. Ensure lessons learned translate into improved defenses and remediation plans 8. Plan and execute red/purple team exercises, tabletop simulations, and other readiness activities. 9. Develop and maintain incident response playbooks, escalation protocols, cross-team coordination, User and Entity Behavior Analytics (UEBA) program, and model alert correlation processes. 10. Foster collaboration with remote teams to ensure consistent incident response and security operations. 11. Comply with all applicable laws/regulations, as well as company policies/procedures. 12. Perform other duties as assigned. Disclaimer: This job description is general in nature and is not designed to contain or to be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job. Pay Transparency: The compensation listed reflects the pay range or rate of pay reasonably expected for this posted position at the posted location(s). If this opportunity includes multiple job levels, the pay information represents the minimum and maximum range for all levels. Actual pay is determined by job-related factors permitted by law and relevant to the position, such as experience, tenure, market level, pay at the location for this job, performance, schedule, and work assignment. Eligible employees offered health, vision, and dental insurance, employee assistance program, personal/sick paid time, 401(k) retirement savings plan, bonus potential, tuition reimbursement, adoption assistance, 2 weeks paid parental leave, paid bereavement, employee discounts, 6.67–13.34 hours vacation per month based on service time, 8 paid holidays. Pay Range: $93,851.00 - $180,195.00 per year Colorado Pay Ranges: Colorado Springs, Grand Junction $100,421 - $160,674; Henderson, Mead $106,052 - $169,683; Gypsum $112,622 - $180,195 Illinois Pay Ranges: Effingham, Kankakee, Lincoln, Quincy, Rockford, Aurora $100,421 - $160,674; Bolingbrook, Chicago Heights, Des Plaines, Elmhurst, Forest View, Joliet, Schaumburg, Summit-Argo, Zion, Buffalo $112,622 - $180,195 New York Pay Ranges: Plattsburgh, Buffalo, Watertown, North Chili, East Syracuse, Nichols $100,421 - $160,674; Bethpage, Montgomery, West Babylon $112,622 - $180,195 New Jersey Job Postings: This compensation range is a reasonable estimate of the current starting pay range in NJ. If this opportunity includes multiple job levels, the range is a reasonable estimate of the current starting salary for the lowest level to the current starting salary of the highest level. Actual starting pay is determined by experience relative to the job, market level, specific location and other job-related factors permitted by law. Regular full & part-time employees (who complete 91 days of employment and work a minimum average of 12 hours per week) are eligible to enroll in medical, dental, and/or vision coverage, tuition reimbursement. Full/part-time employees who are age 21 are eligible for 401(k) after one month of employment. QUALIFICATIONS:
- Bachelor’s degree in business, computer science, information systems, or related field; equivalent formal training.
- Five (5) years of experience in information technology, cyber security, or incident response.
- Familiarity with cyber incident response processes, including detection, analysis, containment, eradication, and recovery
- Experience with automation (Powershell, Python, APIs, etc.) for Incident Response activities
- Strong working knowledge of SIEM, EDR, Identity and Cloud protection tools
- Excellent analytical and problem-solving skills with SIEM data analytics for effective incident investigation of root cause
- Excellent communication skills for clear reporting and collaboration with technical teams and executives JOB CONDITIONS:
- Some travel required Preferred Qualifications: Pay Transparency: Posting Date: 02/12/26. Will remain posted 60 days (unless filled/cancelled soone
Apply tot his job Apply To this Job